It would be nice to provide the link of the bug report here. It will allow people to see, add comment, support the bug.
Thanks - I don’t know why that didn’t occur to me - I guess I was preoccupied by possible flames… 
I just got through retaking Boneh’s class on Crypto.
https://bugs.kde.org/show_bug.cgi?id=464806
It now occurs to me that these issues also apply to linux crypto volumes (luks, etc.?) from the basic Crypto rules point of view. I haven’t tested these.
So, for now, something like a cron job that deletes that kate file would be a sort of patch? A better fix would be a python script cron job that only deletes entries containing particular paths in /media? (Of course, that constitutes something like a side channel attack…)